Google: Search risk is manageable

By Patrick Marshall

Nov 16, 2007

In the TechBriefs section of the Sept. 10 issue of GCN, we ran an item with the results of a survey that showed 70 percent of government information technology respondents were concerned that the Search Across Computers feature in Google's desktop search engine ' which involves temporarily storing data on Google servers ' represents a security risk.

Google, not surprisingly, took exception to the drift of the respondents' concerns. And we have to concede, they've got some legitimate reasons for taking exception.

'The purpose of the search across computers feature is to allow a user who uses multiple machines to be able to share information between them,' Matt Glotzbach, director of product management at Google Enterprise, told GCN. Glotzbach said the feature could violate data security policies, just as copying a file to a flash drive and taking it home could. That's why, he said, Google takes steps to ensure that organizations that are concerned about security can prevent such a thing from happening.

For starters, Glotzbach said, the file can't be accessed in its native form. 'I'll be able to see a cached text version but I will not be able to retrieve the actual file.'

But more importantly, the capability itself is turned off by default. 'The user would have to enable it,' he said, adding, 'it's not the kind of feature that can be accidentally enabled. And the administrator can prevent the user from enabling it.'

'We've really tried to put a lot of thought into how are these applications going to be used in these organizations and what are the necessary levels of control that we can hand to administrators such that they can ensure that we are abiding by their corporate organization and policies,' Glotzbach said.